Crash issue with XPSSweeper utility in 12.8 SP6 (12.8.06) release.

book

Article ID: 236745

calendar_today

Updated On:

Products

CA Single Sign-On CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On Secure Proxy Server (SiteMinder) SITEMINDER

Issue/Introduction

We have observed below product defect in " 12.8.06 (12.8 SP6) " version (BOTH LINUX and Windows).

After Installing/Upgrading 12.8 SP6 release, we have observed a crash issue with XPSSweeper utility.

We have observed the below error when we ran the "XPSSweeper -a" and crashed on the servers.

./XPSSweeper -a
[XPSSweeper - XPS Version 12.8.0600.2649]
Log output: /opt/CA/smuser/siteminder/log/XPSSweeper.2022-03-07_164000.log
Initializing XPS, please wait...
Starting Integrity Analysis.
Segmentation fault (core dumped)

- Review of the pkgapp/backtrace info shows the following logged messages
 
Using host libthread_db library "/lib64/libthread_db.so.1".
Core was generated by `XPSSweeper'.
Program terminated with signal 11, Segmentation fault.
#0  0x00007f6ec181d49b in IXPSObjectV1::ValidateMetadataTag(IXPSObjectV1 const*, char const*) const ()
   from /opt/CA/smuser/siteminder/lib/libXPS.so
(gdb) ------------BEGIN WHERE--------------
(gdb) #0  0x00007f6ec181d49b in IXPSObjectV1::ValidateMetadataTag(IXPSObjectV1 const*, char const*) const ()

Cause

In  12.8.06 (12.8 SP6) a new feature was added: metatags. This feature relies on additional attributes in several xdd files. Unfortunately these were not backward compatible (which needs to be corrected) so in 12.8.06 xpssweeper will crash.

Environment

Environment:

12.8 SP6 (12.8.06) release.

Resolution

SE Engineering team provided below DEV FIX/PATCHES to resolve this issue.

If you observe any crash issue with XPSSweeper utility, kindly open a support ticket to get the DEV FIX/PATCH.

Defects for reference:

DE530462 (Windows) (XPS_12806_win64.zip)
DE530095 (LINUX) (libXPS_12806_linux.zip)

------ Additional Information"

------ Is this PATCH already Included in the " 12.8 SP6a " release or do we still need to apply the same PATCH If we upgrade to " 12.8 SP6a " release?

>> Not included yet, will come in Upcoming Release so you would need to apply the PATCH even If you upgrade to 12.8 SP6a release.

------ Is there any change in the data definitions and default policy store objects between the 12.8 SP6 release and 12.8 SP6a release? The reason why we are asking this question is to understand whether we need to upgrade the Policy Store or not, If we move from 12.8 SP6 to 12.8 SP6a release?

>> No Difference in Data definitions between 12.8.6a and 12.8.06GA,  Release 12.8.06a has only third-party upgrade releases to overcome the Vulnerabilities.